Long Term Privacy with Forward Secrecy

This week, Google activated a web privacy feature called “forward secrecy”, becoming one of the web’s first major players to put this important component in place. It’s an important step, and other sites should follow suit. In order to understand why enabling forward secrecy is so important, it’s helpful to know how HTTPS works in the first place.

HTTPS encrypts requests that your browser makes to web servers, and then encrypts the resulting pages. That makes the exchanged messages incomprehensible to anybody in between, such as your ISP or an eavesdropper. Each web server has a secret key, and only somebody with that secret key can decrypt the messages.1 That arrangement provides a basic layer of security from many online threats to your privacy.

(It’s worth noting that some websites that allow HTTPS connections don’t use them by default. To tell your browser to default to encrypted connections with over 1,000 sites, you can use our Firefox extension HTTPS Everywhere.)

Without forward secrecy enabled, the encrypted messages can be stored and decrypted with the private key at any time. That can lead to major issues: if your traffic has been intercepted, and the web server’s key is ever compromised, there’s no way to stop the attacker from decrypting and reading the old messages — even years later.

Forward secrecy is the way to address that threat. With forward secrecy enabled, some of the information that’s needed to decrypt those messages is ephemeral and never stored. That means that even if the secret key is compromised, only new encrypted traffic is at risk — and if the web server operator detects the attack, they can revoke the old secret key and create a new one.

This technique is already in use in other cryptographic technologies. One popular example is the Off-The-Record (OTR) messaging protocol, co-developed by 2011 EFF Pioneer Award winner Ian Goldberg. Because it uses forward secrecy, instant messages exchanged using OTR can only be decrypted with a private key at the time they are received, and encrypted messages that are intercepted and stored can never again be unscrambled and read.

Other web sites have implemented HTTPS with forward secrecy before — we have it enabled by default on https://www.eff.org/ — but it hasn’t yet been rolled out on a site of Google’s scale. Some sites have publicly resisted implementing forward secrecy because it is more CPU intensive than standard HTTP or HTTPS. In order to address that problem, Google made improvements to the open source OpenSSL library, and has incorporated those changes into the library for anybody to use.

Forward secrecy is an important step forward for web privacy, and we encourage sites, big and small, to follow Google’s lead in enabling it!

1. Technically, the web server’s secret key is used to encrypt data that becomes a new, random session key that is shared between the two parties. But because the session key is encrypted with the server key, a compromised server key can decrypt the session key, which can then decrypt the data.

Related Updates

Over the next few weeks, EFF and our allies will enter our final push to pass legislation out of the California legislature that would defend and promote civil liberties. With a Democratic super-majority eager to push back against the federal government, our chances have seldom been better to move the...

SAN FRANCISCO, CALIFORNIA—The Electronic Frontier Foundation (EFF) announced today that whistleblower and activist Chelsea Manning, Techdirt editor and open internet advocate Mike Masnick, and IFEX executive director and global freedom of expression defender Annie Game are the distinguished winners of the 2017 Pioneer Awards, which recognize leaders who are extending...

Internet users across California have been calling their state legislators to demand they restore their broadband privacy rights by passing A.B. 375. So far that public pressure has been overriding the opposition from major cable and telephone companies (although many ISPs based in California actually support the privacy rules) as...

Don't Trust Data Localization Exceptions in Trade Agreements to Guarantee Protection of Personal Data The digital economy relies on cross-border provision of services and goods, and in the past government trade regulators have embraced the borderless nature of the Internet and adopted light-touch regulation. But with the growing perception of...

Washington, D.C - The Electronic Frontier Foundation (EFF) urged the U.S. Supreme Court today to curb law enforcement’s expansive tracking of suspects’ cell phones, arguing that police must get a warrant before collecting the detailed location data that all phones generate as part of their routine functioning. The defendants...

WASHINGTON, D.C.—The Electronic Frontier Foundation (EFF) asked the Supreme Court to review and overturn an unprecedented ruling allowing the government to intercept, collect, and store—without a warrant—millions of Americans’ electronic communications, including emails, texts, phone calls, and online chats. This warrantless surveillance is conducted by U.S. intelligence agencies...

This blog post was first published in The Hill on July 18, 2017. This summer, the U.S. Department of Homeland Security (DHS) is expanding its program of subjecting U.S. and foreign citizens to facial recognition screening at international airports. This indiscriminate biometric surveillance program threatens the personal privacy of...

New Orleans, Louisiana—Searches of mobile phones, laptops, and other digital devices by federal agents at international airports and U.S. land borders are highly intrusive forays into travelers’ private information that require a warrant, the Electronic Frontier Foundation (EFF) said in a court filing yesterday. EFF urged the U.S...

This summer, two of the west coast’s largest metropolitan areas—Seattle and Los Angeles County—took major steps to curtail secret, unilateral surveillance by local police. These victories for transparency and community control lend momentum toward sweeping reforms pending across California, as well as congressional efforts to curtail unchecked surveillance by federal...

License plates are more than numbers and letters you display on your car. When police photograph your license plate, scan it, record the precise times and locations of the scans, and store all that information indefinitely in a database, they can search this information to piece together your movements and...